Senior IT Security Analyst
September 12, 2020
At McCarthy Tétrault, we offer challenging and rewarding career opportunities and are delighted to have been selected as one of Canada’s Top 100 Employers 2019 for the seventh consecutive year. Our culture is built on professional excellence, collaboration, innovation, thought leadership and entrepreneurialism. We embrace inclusion in all its forms and we provide the tools and opportunities to help our people develop to their full potential.
As a Senior IT Security Analyst, you will:
- Oversee the configuration, monitoring, logging, testing and assessment of various security and access control systems protecting the Firm’s information assets.
- Work closely with managed security services, engaged third party service providers, external customers and supporting Information Security by preparing progress reports on metrics and trends, and projections for management reporting, as required.
- Ensure day to day IT operations are performed in accordance to security practices.
- Coordinate and conduct the investigation of security incidents under the direction of the Director, IT Security and in accordance to the IT Security management practices.
- Support IT and Business projects as the Security SME and conduct risk assessments. Lead security projects as required.
- Contribute to the identification and evaluation of information security threats through internal audits and process reviews of existing security controls.
- Participate in the periodic review of the firewall rule-set and regular reviews of identity access management.
- Develop and execute penetration testing process, as well as follow up remediation activities.
- Plan, test and design controls, and evaluate operational plans, requirements and designs from an information security perspective.
- Consult on site and facility design from an operational security perspective.
- Ensure IT Security documentation is developed and maintained, and that this knowledge is transferred among IT stakeholders.
- Maintain awareness of current and emerging threats and stay abreast of current and developing technologies, risks, and security best practices.
- Develop and coordinate the department’s Security Awareness Training program.
- Liaise with clients on external audit and compliance requests.
As our ideal candidate, you will have:
- A minimum of 5 years of relevant work experience in information security. Additional experience involving frequent customer facing responsibilities is an asset.
- Completed post-secondary education or equivalent [RL1] in Information Technology or Information Security[RL2] is an asset.
- Experience with ISO 27001/27002 and/or CIS Top 20 Critical Controls required.
- Experience with information security risk assessment methodologies required.
- CISSP or CISM certification required.
- GCIH or GCFA certifications a strong asset, along with practical work experience in these domains.
- Strong written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
- A critical thinker with strong problem-solving skills.
- Demonstrated knowledge of technological trends and developments in the area of information security and risk management, and the knack to quickly pick up and learn new concepts in the field.
- High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
- Strong organizational skills, with a high attention to detail.
- Bilingualism (French, English) would be an asset.
Role requires after-hours, weekend and holiday availability occasionally.
How to apply:
We invite you to submit your application to [email protected].We thank all applicants for their interest in McCarthy Tétrault; however, only chosen applicants will be contacted. We regret that we are unable to respond to individual inquiries about application status. McCarthy Tétrault is an equal opportunity employer that fosters an inclusive, equitable, and accessible environment. Please notify us if you require accommodation at any time during the recruitment process.